Home

Description

Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg.

PUBLISHED Reserved 2024-09-11 | Published 2024-10-14 | Updated 2025-03-18 | Assigner mitre

References

gitee.com/...jepaas-release/issues/IAPJ8H?from=project-issue

cve.org (CVE-2024-46535)

nvd.nist.gov (CVE-2024-46535)